Network Security Analysis and Defense Strategies

• Main Authors: Chiin-Wei Su, 蘇俊維
• Other Authors: Fang-Yie Leu
• Format: Others
• Language: zh-TW
• Published: 2003
• Online Access: http://ndltd.ncl.edu.tw/handle/96070601703342247655

碩士 === 東海大學 === 資訊工程與科學系碩士在職專班 === 91 === An Intrusion detection system (IDS) generally focuses on the analysis and detection of network anomalies. In fact, all the messages that might threaten a network system and the behaviors of improper network accesses are those should be analyzed when one tries to detect network attacks. In order to improve security degree of a network, we should analyze all kinds of network threats and establish a proper access and monitoring mechanism. In this paper, we first study how intruders gather network packets or obtain illegal access authority by hacking network drawbacks. Second, we discuss how intruders use rarely monitored packets and tunnel to build backdoors for stealing information from information systems, and the way they perform connection hijacking by using spoofing IP and TCP sequence number surmise. Third, how intruders obtain system accounts through security weakness of an operation system is stated. Forth, we describe how hackers make use of undetectable methods to scan network systems to avoid detection by some security mechanism. Finally, we study intrusion procedures and trends, and provide suggestions for network administrator to set up a safer network environment. The purposes are to increase the difficulties of intrusion and illegal accesses to network facilities so as network security can be dramatically improved.